Privacy Policy

All WePay users must read and agree to the Terms of Service and Privacy Policy for the country in which they are located. Users of the Apple Pay Web APIs or the Apple Pay Platform must agree to the Apple Pay Terms, too. Use the buttons below to access the documents that apply to you, then download or print them.

WePay Privacy Policy - United States

Last update: Novenmber 9, 2016. This update replaces references to the US-EU Safe Harbor under "Location" below with a reference to the model clauses.

This Privacy policy reflects how WePay, Inc. ("WePay" or "we") provides its payment services (the "Services") through third party websites ("Platforms"), such as marketplaces, business tools providers, and crowdfunding sites. Platforms provide WePay's Services to their end users ("Users" or "you") by integrating with WePay's application programming interface ("API"), which also enables the Platform to provide User information to WePay and receive information from WePay. This Privacy Policy addresses how WePay handles all User information, including User information provided by you, User information provided by the Platform, and User information obtained by WePay from third parties.

WePay's Privacy Policy describes the ways we collect, use, and share User information. We may amend this Privacy Policy at any time by posting a revised version at this link. The revised version will be effective at the time we post it, unless we provide additional notice or an opportunity to "opt-in" because changes are material or retroactive.

By using the Services, you are accepting the practices described in this Privacy Policy. By using a Platform that has integrated with WePay's API, you are also accepting the practices described in the Platform's Privacy Policy, which you should review carefully. Any information you enter on the Platform's website or application, or on WePay pages, fields, or resources that are integrated with the Platform's website or application, may be shared with the owner of the Platform website or application, subject to the requirements of the Payment Card Industry Data Security Standard (PCI-DSS) and applicable law. WePay is not responsible for the content or information practices of Platforms.

Information Collected

WePay collects three types of information: information that Users intentionally provide to WePay or the Platform, information about Users that third parties provide to WePay or the Platform to augment or verify that information, and information automatically provided by Users as they interact with the WePay or Platform website. Information that can be used to identify, contact, or locate a User is "personally identifiable information." Automatically provided information that uniquely identifies a device or browser is not personally identifiable information, unless it is linked to a particular User.

User Provided Information

Users either accept payments as "Merchants" or make payments as "Payers." A Merchant must provide the Merchant's name, email address, a self-selected password, street address, telephone number, tax identification number, merchant category code, date of birth (if a natural person), and bank account information. A Merchant may provide additional information, such as a link to its website or social media account, in order to accelerate account activation and qualify for faster disbursement of funds.

A Payer who is paying with a credit or debit card must provide the Payer's name, card number, expiration date, CVV code, country, and zip code. A Payer who is paying by ACH or EFT must provide the Payer's name and bank account information.

Merchants or Payers may voluntarily provide additional information to WePay or the Platform, for example, when seeking customer support or in response to surveys or other inquiries.

Third-Party Provided Information

WePay or the Platform may obtain information about Users from third parties, such as identity verification services, credit reporting services, and social networks such as Facebook or LinkedIn. The Platform may provide WePay with additional information, such as the User's transactional history on the Platform.

Automatically Provided Information

WePay or the Platform may automatically record certain information about or related to your use of the Services and the Platform that is made available through your computer. Three such technologies are described below.

Cookies - WePay or the Platform collects certain information from the User's browser using small data files called "cookies." For example, WePay or the Platform may use session cookies to help recognize a User who visits multiple website pages during the same session, so that the User does not have to enter a password to access each page. Session cookies terminate once the User closes the browser. By default, WePay or the Platform also uses persistent cookies to collect, store, and track information. For example, WePay or the Platform uses persistent cookies to store the User's login ID (but not the User's password) to make it easier for the User to login when the User returns to the website. We encode our cookies so that only we can interpret the information stored in them. You can remove or block persistent cookies using the settings in your browser, but this may limit your ability to use our Services.

Clear GIFs and Web Beacons - WePay or the Platform may employ a software technology, called clear gifs or web beacons, that helps us better manage content on the WePay or Platform website, and in WePay or Platform emails, by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a User's computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.

"Do Not Track" Disclosure

WePay does not currently respond to web browser "Do Not Track" signals or other mechanisms that provide a method to opt out of the collection of personally identifiable information across the networks of websites and online services in which we participate. If we do so in the future, we will describe how we do so in this Privacy policy. Platforms may collect personally identifiable information about a User's online activities from you or from the WePay Services. Please refer to the Platform's Privacy policy for information regarding its own "Do Not Track" policy.

Basically,

We collect and store certain information about you. This information may be provided directly by you, a platform partner, or WePay may collect it based on your use of the website.

Use of Information Obtained by WePay

WePay uses User information primarily in order to develop, operate, support, maintain, enhance and provide the Services. WePay uses User information to process payment transactions; to provide receipts and reports; to resolve disputes, collect fees, and troubleshoot problems; to customize, measure, and improve the Services; and to enforce our agreements with Platforms and our Terms of Service and Merchant Agreement with Users.

WePay also uses User information to detect and prevent fraud and other potentially illegal activities. WePay may combine User information with information from other sources using proprietary algorithms to calculate a measure of the risk that a particular User or transaction is fraudulent ("Risk Score").

WePay uses User information for our administrative and operational purposes. WePay or the Platform may notify you of changes in the Services, or may solicit your feedback, or may conduct market research, or may send you promotional materials. To unsubscribe from promotional emails, click the "unsubscribe" link in the email.

Basically,

WePay uses information collected about you in order to meet legal obligations and provide a better service.

Sharing of Information with Third Parties

WePay may share User information with third-party service providers who help with certain parts of our business operations including settlement, security, validation of user credentials, secure data storage, marketing, customer service, and other services. WePay requires that these service providers use personally identifiable User information only in connection with the services they perform for WePay. In particular, the Services integrate ACH authorization services provided by Plaid Technologies, Inc. ("Plaid"). If you use the Services to pay by ACH or EFT, you acknowledge and agree that your information will be treated in accordance with Plaid's privacy policy located at https://plaid.com/privacy.

WePay also may share non-personally identifiable User information with third parties that help us better understand how Users use our Service or help us detect and prevent fraud and other unauthorized or suspicious activity. These third parties may use cookies and other technologies to collect non-personally identifiable information about Users and combine it with similar information collected from others. They may use this information to help WePay to better understand our Users, and to help their other customers better understand their users.

A WePay Risk Score is not personally identifiable information, and WePay may share it (and other similar information generated by WePay) with Platforms or other third parties. WePay claims ownership of Risk Scores and similar analytical results that we generate using User information, whether alone or in combination with other information. WePay may use, disclose, or sell Risk Scores in WePay's sole discretion.

WePay may share User information in the event of a merger, acquisition, debt financing, sale of all or a portion of our assets, or similar transaction, or in the event of insolvency, bankruptcy or receivership in which User information is transferred to one or more third parties as one of our business assets. Should such an event occur, WePay will endeavor to assure that the acquirer, successor, or assignee (as the case may be) follows this Privacy policy with respect to User information. If User information could be used contrary to this Privacy policy, Users will receive prior notice as well as the opportunity to opt out.

WePay may share User information with law enforcement, government officials, or other third parties in the event of a subpoena, court order or similar legal procedure, or when WePay believes in good faith that the disclosure of User information is necessary or advisable to report suspected illegal activity, or to protect WePay's property or legal rights (including, but not limited to, enforcement of WePay's Terms of Service, Merchant Agreement, and other agreements) or the property or rights of others, or otherwise to help protect the safety or security of the Services.

Except as expressly disclosed in this Privacy policy, WePay will not sell or disclose User information to third parties. WePay will not sell, rent, share, or trade personally identifiable information to third parties (other than the Platform through which WePay collected such information) for their promotional purposes. WePay may disclose aggregated or other types of non-personally identifiable information to third parties for various purposes.

Basically,

We will share personally identifiable information with third parties only to best provide WePay's services and in special situations, such as legal investigations and merger. We may also share non-identifiable information with third parties that help us prevent fraud and analyze website activity.

Security

WePay has implemented physical, technical, and procedural safeguards to protect User information from unauthorized access, disclosure, alteration, or destruction. WePay uses computer safeguards such as firewalls and data encryption, and authorizes access to personally identifiable information only for those employees, contractors, and agents who require it to fulfill their job responsibilities.

WePay takes additional care to protect User information, such as credit card or bank account numbers, if disclosure of the particular type of User information could cause direct financial loss. WePay encrypts such information and transmits it under Secure Socket Layer (SSL).

Basically,

WePay has taken a number of steps in order to become an extremely secure service.

Location

WePay stores and processes User information on dedicated servers located in secure data centers that may be located within the United States or in other jurisdictions. If you use the Services from the European Economic Area or other regions of the world with laws governing data collection and use that differ from laws of the United States, then you understand and consent to the transfer of your User information to the United States or other jurisdictions for the uses identified above in accordance with this Privacy policy. You acknowledge and agree that the privacy and data security laws in place in the United States or other jurisdictions may be different from the privacy and data security laws in force in the country in which you reside. By voluntarily providing User information, you hereby agree that you are consenting to our collection, use, storage, and disclosure of such User information in accordance with this Privacy policy.

In relation to transfers of User information from WePay Payments Ltd. (in the UK) to WePay, Inc. (in the United States), WePay has put in place measures, including standard model clauses, to ensure an adequate level of protection for the rights and freedoms of individuals in relation to the processing of their personal data, as required by European data protection laws.

Basically,

It's easy to change your user information.

Children

The Services are not intended for children. We ask that minors (persons under the age of 18) do not submit any personal information to us or use the Services.

Basically,

You may only use WePay if you are 18 years old or older.

Contacting WePay

If you have questions or concerns regarding this policy, you may email us at legal@wepay.com.

You can also write to us at:

WePay, Inc.

350 Convention Way, Suite 200

Redwood City, CA, 94063

Basically,

You can reach us through email or postal mail regarding the Privacy policy.